Client ZPA not connecting reporting FW/AV error


We have a client that has the ZPA app installed on a laptop, when the user signs in, it seems to connect for about 30 seconds and then fails reporting an error FW/AV.

I have read the details about making sure the URLS and IP addresses are whitelisted. I’ve also added the processes to the firewall rules. Unfortunately I’m still getting the same issue and I cannot seem to find the cause of the error.

Anyone able to assist?


Needs additional triage:
-Only one user/client, or everyone of that account?
-One specific location or also when roaming?
-Did you test the client on a different tenant?
-Did you test different client-types/versions?
-Did you check the ZCC logfiles?
-Did you make any packet captures?

It could have different causes, so it’s hard to say what’s wrong without extra information

If the user is not behind a firewall at all does it go away? You can have issues with both the local firewall / antivirus on the machine as well as a perimeter firewall. Had an issue yesterday where a pfsense firewall was causing the issue.


When the user tethers their laptop off their phone they experience the same issue. We have a computer that is connected via Ethernet and this seems to work perfectly, which makes me think its WIFI related. Both computer and laptop use Office 365 Defender for Endpoint and Windows Firewall.